Andrew Haley <[EMAIL PROTECTED]> writes:
| Gabriel Dos Reis writes:
| > Andrew Haley <[EMAIL PROTECTED]> writes:
| >
| > | Robert Dewar writes:
| > | > Andrew Haley wrote:
| > | >
| > | > > We've already defined `-fwrapv' for people who need nonstandard
| > | > > arithmetic.
| > | >
| > | > Nonstandard implies that the result does not conform with the
standard,
| > |
| > | I don't think it does; it merely implies that any program which
| > | requires "-fwrapv" for correct execution is not a strictly conforming
| > | program.
| >
| > How many useful C programs do you know that are strictly conforming?
| > Certainly, GCC isn't stritcly conforming.
| >
| > I suspect the actual argument must be somewhere else.
|
| I'm sure it is.
No doubt GCC is useful. But I very much doubt it is a strictly
conforming program.
[#5] A strictly conforming program shall use only those
features of the language and library specified in this
International Standard.2) It shall not produce output
dependent on any unspecified, undefined, or implementation-
defined behavior, and shall not exceed any minimum
implementation limit.
| The only purpose of my mail was to clarify what I
| meant by "nonstandard", which in this case was "not strictly
| conforming". I didn't intend to imply anything else.
OK. The way I saw the exchange of arguments was
* Give data that justify this breakage
+ But we have -fwrapv for nonstandard arithmetic
* -fwrap implements standard conforming semantics
+ But a program that needs -fwrap is not stricly conforming
....
which reads to me as an abstract (bogus) argument is being made in
place of providing actual data. What worries me the most -- and
prompted my message -- is the implication that it is OK to break a
non strictly conforming program. If GCC systematically goes there, it
will quickly become useless (except for academic exercises). And I'm
sure you did not intend that.
Consequently, I suspect the breakage must be non-systematic, but
guided by some principles or rules. I also believe that the breakage
is not done just because something is labelled an "optimization". In
end, we need actual data to back up the claim that the transformation
is indeed an optimization worthwhile, and it is a good thing for most
actual software to have it enabled by default.
| In this case, there are two ways to view the program: either it has a
| bug, or it has an environmental depencency on wrapping integer
| arithmetic.
"environmental dependency" is not necessrily indication of bug.
For sure, integer overflow is undefined according to the C standard.
However, the C standard is not the only thing in the world that C
programs care about. Theere are other useful standards (some of them
make contradictory requirements with respect to ISO C). The quandry
is to find a ground where GCC implements the C standard, remains
useful, yet does a good job. I don't think we can systematically apply
the abstract argument that if a program contains an undefined
behaviour it is OK to break it. And indeed, GCC already have
acknowledged some undefined behaviour and promise not to break
programs that contain them.
-- Gaby
|
| Andrew.
--
Gabriel Dos Reis
[EMAIL PROTECTED]
Texas A&M University -- Department of Computer Science
301, Bright Building -- College Station, TX 77843-3112
